Cybersecurity and Network Security Engineer

Description

Position Details: 

Job Title: Cybersecurity and Network Security Engineer 

Job Type: Full-time 

Location: Hybrid – Bethesda, MD  

On-site two days a week  

Dynanet Corporation Overview: 

Dynanet started with a focus on IT infrastructure and operations, helping organizations enhance their networks and overcome the limitations of 1990s technology. From strengthening communication channels to introducing innovative ways to collaborate and share information, Dynanet played a crucial role in shaping the early stages of digital transformation. The company’s efforts helped organizations build the very fabric of connectivity that now powers our modern world. Over the last three decades, Dynanet has grown into a trusted partner for organizations looking to innovate boldly and transform seamlessly. While technology continues to evolve and unlock new opportunities, for nearly 30 years, Dynanet remains committed to delivering cutting-edge solutions that drive lasting change for its customers. Through agility, foresight, and an unwavering dedication to excellence, Dynanet continues to empower organizations to thrive in a rapidly changing digital landscape. Our story is more than just a story of technology – it’s a story of vision, growth, and transformation that has shaped the past and continues to pave the way for the future. 

Roles & Responsibilities: 

• Taking inventory of client’s hardware & software assets and assessing those assets for security vulnerabilities, obsolescence, and other risks. 
• Reviewing network architectures and determining if good practices are being followed (e.g., the “zones & conduits” concept, proper network segmentation, use of Industrial DMZ, etc.); and providing recommendations to comply with applicable cybersecurity framework. 
• Reviewing security products utilized (e.g., firewalls, IDS, IPS) and determining if they are configured properly. 
• Deploying network infrastructure devices (e.g., switches, routers, etc.), security appliances (e.g., firewalls, IDS, etc.), and virtualization solutions. 
• Reviewing US government cyber security policies, plans, and procedures; assessing network monitoring capabilities; analyzing system logs, security events, and packet captures to identify security threats; and providing recommendations to comply with applicable cybersecurity framework. 
• Reviewing administrative, technical, and cybersecurity controls and providing recommendations to mitigate the identified cyber security risks. 
• Performing cyber security vulnerability and risk assessments within manufacturing and critical infrastructure environments to identify security risks and threats (e.g., unsecure remote access points, suspicious remote connections, unauthorized devices on the network, etc.) and providing recommendations to remediate the identified issues. 
• Creating detailed diagrams (e.g., network, cabling, server, rack, logical architecture, etc.), procedures, and plans (e.g., implementation, SAT, mitigation, etc.) as needed to support projects. 
• Travel to the NIH sites as required. 

Preferred Professional Skills: 

• Certified SCADA Security Architect (CSSA)  
• GIAC certifications (e.g., GICSP, GRID, Critical Infrastructure Protection)  
• ISA/IEC 62443 Cybersecurity Certificates  
• Networking certifications (e.g., CCNA, CCNP, JNCIP-ENT, etc.)  
• Cybersecurity certification (e.g., CEH, CISA, CISM, CCSP, etc.)  
• Understanding of MITRE ATT&CKS for ICS or NERC CIP frameworks  
• Understanding of general cybersecurity frameworks (ISO IEC 27001/27002, ISO 15408, NIST Cybersecurity Framework (CSF), NIST SP800-53)  
• A working knowledge of industrial control systems (e.g., DCS, PLCs, SCADA, etc.)  
• Ability to perform vulnerability / penetration testing in ICS/OT environment, and/or threat hunting  
• Prior experience Control System Engineer or SCADA Engineer working in manufacturing environments or power generation facilities  
• Certified professional engineer 

The ICS/OT Cybersecurity and Network Security Engineer shall demonstrate:  

• High integrity  
• A willingness to go beyond the ordinary to meet and exceed client expectations  
• A desire for continual challenges and development  
• Excellent written and verbal communication skills 

Dynanet Team Requirements and Expectations: 

• Possess Strong written and verbal communication skills. 
• Highly organized with an ability to prioritize, balance, and effectively advance multiple competing priorities in a high-volume, fast-paced environment. 
• Ability to interact in a professional and collaborative manner with fellow Dynanet Teammates and the clients, and business partners that we work with. 
• Ability and desire to challenge and educate yourself to support and advance IT services delivery in the Federal agencies we serve. 
• Excellent judgment and creative problem-solving skills. 
• Respond to team member and client requests via email, MS teams, or other communication means during core business hours. 
• Active listening skills to understand clients' needs, and collaboration skills to work with other developers and designers. 

Education/Experience Requirements: 

• Certified Information Systems Security Professional (CISSP). 
• Bachelors Degree in Engineering (Electrical, Mechanical, Chemical, or similar), Computer Science, or similar scientific / technical field. 
• Strong understanding of cybersecurity frameworks for ICS/OT environments (ISA-99/IEC 62443, NIST SP 800-82, CIS, Perdue Reference Model etc.). 
• Strong understanding of OT network communication protocols (e.g., Ethernet/IP, CIP, Modbus, OPC, etc.) and industrial networking topologies (e.g., ring, star, etc.). 
• A minimum of Five (5) years “hands on” experience assessing, designing, and implementing ICS/OT network architectures. 
• Demonstrated technical skills to analyze, design, and deploy complex Ethernet/IP architecture and communication technologies. 
• Experience with Nazomi Cyber-Physical System (CPS). 

Employee Benefits Overview: 

• Industry Competitive Compensation 
• Medical and Dental Insurance 
• Paid Time Off/Holidays 
• 401(k) Retirement Plans with Matching 
• Remote Work 
• Paid Training 
• Employee Referral Program 
• Employee Development Program